Sweet32

[anubis7]

So many websites are vulnerable for Sweet32 attack. I searched a lot what is a "Sweet32 Attack", I found some information but nothing important. I would like to understand the process of attacking via sweet32.
Please provide me any information about how to use website sweet32 vulnerable. I think information about sweet32 will be good for this forum, Because here is also no information about it.

Очень многие веб-сайты уязвимы для атаки Sweet32. Я много искал, что такое "Атака Sweet32", я нашел кое-какую информацию, но ничего важного. Я хотел бы понять процесс атаки через sweet32.
Пожалуйста, предоставьте мне любую информацию о том, как использовать уязвимый веб-сайт sweet32. Я думаю, информация о sweet32 будет полезна для этого форума, потому что здесь тоже нет информации о нем.

 

[beecoder]

So many websites are vulnerable for Sweet32 attack. I searched a lot what is a "Sweet32 Attack", I found some information but nothing important. I would like to understand the process of attacking via sweet32.
Please provide me any information about how to use website sweet32 vulnerable. I think information about sweet32 will be good for this forum, Because here is also no information about it.

Очень многие веб-сайты уязвимы для атаки Sweet32. Я много искал, что такое "Атака Sweet32", я нашел кое-какую информацию, но ничего важного. Я хотел бы понять процесс атаки через sweet32.
Пожалуйста, предоставьте мне любую информацию о том, как использовать уязвимый веб-сайт sweet32. Я думаю, информация о sweet32 будет полезна для этого форума, потому что здесь тоже нет информации о нем.

Here is the full description of the attack mechanism, as well as PoC. As I understand, in order to use the attack correctly, need traffic to pass through attacker (MITM).

 

[anubis7]

Here is the full description of the attack mechanism, as well as PoC. As I understand, in order to use the attack correctly, need traffic to pass through attacker (MITM).

I saw this. I think 785 GB traffic is so big, How to generate it? I could not find any malicious javascript which can do that.

 

[anubis7]

Also I saw this repository on github "/azeemba/sour16" but I don't understand what is this and how it works.

 

[beecoder]

I saw this. I think 785 GB traffic is so big, How to generate it? I could not find any malicious javascript which can do that.

Also from that website.

With a modern block cipher with 128-bit blocks such as AES, the birthday bound corresponds to 256 EB. However, for a block cipher with 64-bit blocks, the birthday bound corresponds to only 32 GB, which is easily reached in practice. When the amount of data encrypted under a fixed key approaches this limit, the security guarantees of the mode of operation start to crumble. This problem is well-known by cryptographers, who always require keys to be changed well before 2n/2 blocks. However it is often minimized by practitioners because the attacks require known plaintext, and reveal only little information. Indeed, standard bodies only recommend to change the key just before 2n/2 blocks, and many implementations don't enforce any limit on the use of a key.

Thus for some ciphers need 32 GB. I think this attack is more like a directed attack under certain conditions than a mass attack.

 

[anubis7]

Also from that website.



Thus for some ciphers need 32 GB. I think this attack is more like a directed attack under certain conditions than a mass attack.

I would like to see detailed tutorial or guide about sweet32 attack. I think information on this site is a just description of ssl/tls bug. If someone shares us information about how to use sweet32 vulnerable, that will be great.